The Public Eye with Eric Chabrow

Much Ado About Nothing Hack

Much Ado About Nothing Hack

And, as of Friday, DoD's National Geospatial-Intelligence Agency, which collects, analyzes and distributes geospatial intelligence to support national security, still employs Montgomery, where he has worked for the past 10 years, according to a spokeswoman.

Any security breach should be treated seriously, but not all breaches are equal, as the Montgomery case shows.

In this case, the punishment seems to fit the crime. 

Montgomery had top secret clearance, but didn't have privileges to access a computer systems used by the Army and FBI in a terrorism investigation, which he did at least twice in April. Still, despite a banner warning against unauthorized access, Montgomery accessed the system. Before his arrest, Montgomery told investigators, according to an affidavit: "It was not until I was called on the carpet, that I went back and read the warning notice in the message traffic."

In an interview with Wired.com before the felony charge was reduced to a misdemeanor and his sentencing, Montgomery said he was being made a scapegoat for a security snafu that sent a password to tens of thousands of analysts without the need-to-know. "In my opinion, go after the person who provided me with that information," he said. "I was just a consumer. I wasn't the person who put that username and password out there for tens out thousands of analysts to see."

Still, Montgomery violated a law, despite the fact there was neither evidence of ill intent nor perceivable damage to the terrorism investigation or national security. In this case, the punishment seems to fit the crime.



About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.